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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 25 August 2003 . 
2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) K Claim(s) 1-20 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) H Claim(s) 1-20 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)Q objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

!.□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

This action is*in response to the papers filed 8/25/2003. Claims 1-20 were 
received for consideration. No preliminary amendments for the claims were filed. 
Currently claims 1-20 are under consideration. 

Information Disclosure Statement 

The information disclosure statement (IDS) submitted on 3/21/2005 is in 
compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure 
statement is being considered by the examiner. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that 

form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country; or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claim 1-20 are rejected under 35 U.S.C. 102(a) and 35 U.S.C. 102(e) as being 
anticipated by Bunker et al (U.S. Patent Application Publication # 2003/0056116). 
Bunker teaches everything with respect to claim 1 , a security indication spanning tree 
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method comprising: determining asset value of a network node (see figure 25-37 and 
paragraphs 0178 - 0263); ascertaining exposure rating of said network node (see figure 
25-37 and paragraphs 0178 - 0263); establishing a functional priority risk indicator for 
indicating the likelihood of an attack from another network node (see figure 25-37 and 
paragraphs 0178 - 0263); and creating a spanning tree schematic of a network 
including said network node, wherein said spanning tree schematic includes an 
indication of said asset value (see figure 25-37 and paragraph 0178 - 0263). 

With respect to claim 2, spanning tree schematic includes an indication of said 
exposure rating (see figure 25-37 and paragraphs 0178 - 0263). 

With respect to claim 3, spanning tree schematic includes an indication of said 
attack risk (see figure 25-37 and paragraphs 0178 - 0263). 

With respect to claim 4, asset value provides an indication of an economic value 
of functions provided by said network node (see figure 25-37 and paragraphs 0178 - 
0263). 

With respect to claim 5, asset value corresponds to an economic impact of a 
disruption to functionality provided by said network node (see figure 25-37 and 
paragraphs 0178 - 0263). 

Wth respect to claim 6, exposure rating defines a threshold value corresponding 
to connectivity of the network node with other network nodes (see figure 25-37 and 
paragraphs 0041 - 0045, 0178 - 0263). 



Application/Control Number: 10/648,531 Page 4 

Art Unit: 2132 

With respect to claim 7, network node is given an exposure rating value based 
upon a connectivity distance from a root node (see figure 25-37 and paragraphs 0178 - 
0263). 

With respect to claim 8, root node is a node closest to an external network (see 
figure 25-37 and paragraphs 01 78 - 0263). 

With respect to claim 9, functional priority risk indicator is associated with an 
economic benefit and utility of functionality said network node provides (see figure 25- 
37 and paragraphs 0178 - 0263). 

With respect to claim 10, a security indication spanning tree system comprising: 
a bus for communicating information (see paragraphs 0065); a processor coupled to 
said bus, said processor for processing said information including instructions for 
building an attack impact susceptibility spanning tree representation including asset 
value factors (see paragraphs 0065 - 0178); and a memory coupled to said bus, said 
memory for storing said information, including instructions for building said attack impact 
susceptibility spanning tree representation including said asset value factors (see 
paragraphs 0065 - 0086). 

With respect to claim 1 1 , asset risk value is automatically determined (see figure 
25-37 and paragraphs 0178 - 0263). 

With respect to claim 12, a central console for interfacing with a network 
application management platform (see paragraphs 0065 - 0178). 

With respect to claim 13, instructions include attack spread risk determination 
instructions (see figure 25-37 and paragraphs 0178 - 0263). 
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With respect to claim 14, instructions include exposure rating determination 
directions (see figure 25-37 and paragraphs 0178 - 0263). 

With respect to claim 15, a computer usable storage medium having computer 
readable program code embodied therein for causing a computer system to implement 
security indication spanning tree instructions comprising: a device examination module 
for examining information regarding devices included in a centralized resource network, 
wherein said examining includes ascertaining what applications said devices support 
(see figure 25-37 and paragraphs 0178 - 0263); an importance indication module for 
obtaining an indication of a relative importance of functionality provided by said device 
(see figure 25-37 and paragraphs 0178 - 0263); and a spanning tree module for building 
a spanning tree topology representation including said indication of said relative 
importance of said device in supporting said applications (see figure 25-37 and 
paragraphs 0141 - 0145, 0178 - 0263). 

With respect to claim 16, relative importance of said device is based upon an 
economic value of functions said devices performs in support of said applications (see 
figure 25-37 and paragraph 01 78 - 0263). 

With respect to claim 17, an internal attack permeability module for investigating 
the permeability of a network in permitting an internal attack on a device from other 
devices included in the network (see figure 25-37 and paragraphs 0142 - 0145, 0178 - 
0263). 

With respect to claim 18, analyzing the ease of attack on said device from other 
devices in said centralized resource network; and assigning an connectivity threshold 
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value to said device based upon said analysis of said ease of attack (see figure 25-37 
and paragraphs 0178 - 0263). 

With respect to claim 19, an attack danger assessment module for assessing the 
danger of an attack from other devices included in said network (see figure 25-37 and 
paragraphs 0142 - 0145, 0178 - 0263). 

With respect to claim 20, deriving an attack danger indication based upon said 
indication of said relative importance of said device and said connectivity threshold 
value; and associating said attack danger indication with said device (see figure 25-37 
and paragraphs 0178 - 0263). 

Prior Art Made of Record 

The prior art made of record and not relied upon in considered pertinent to 
applicant's disclose. The following patents are cited to further show the state of the art 
with respect to a file system, such as: 

United Stated Patent Application Publication No. 2004/0015728 to Cole et al., 
which is cited to show a system and method for network vulnerability detection and 
reporting. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Devin Almeida whose telephone number is 571-270- 
1018. The examiner can normally be reached on Monday-Thursday from 7:30 A.M. to 
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5:00 P.M. The examiner can also be reached on alternate Fridays from 7:30 A.M. to 
4:00 P.M. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-21 7-91 97 (toll-free). 



Devin Almeida 
Patent Examiner 
11/13/2006 




